Security Experts:

Connect with us

Hi, what are you looking for?



Attackers Demand Millions in Texas Ransomware Incident

The cybercriminals behind the recent ransomware incident that impacted over 20 local governments in Texas are apparently demanding $2.5 million in exchange for access to encrypted data.

The cybercriminals behind the recent ransomware incident that impacted over 20 local governments in Texas are apparently demanding $2.5 million in exchange for access to encrypted data.

The incident took place on August 16, when 23 towns in Texas revealed they were targeted in a coordinated attack to infect their systems with ransomware. The State Operations Center (SOC) was activated soon after and all of the impacted entities were quickly identified.

Although it initially said that 23 local governments appeared affected, the Texas Department of Information Resources (DIR) has since revealed that only 22 towns suffered following the attack. Responders have engaged with all of them to assess the impact of the attack.

“More than twenty-five percent of the impacted entities have transitioned from response and assessment to remediation and recovery, with a number of entities back to operations as usual,” the DIR revealed in an update.

While the investigation into the attack continues, DIR says that evidence continues to suggest that a single threat actor was behind it. However, it did not provide additional details on the incident.

City of Borger was one of the victims, with its business and financial operations and services impacted by ransomware, although basic and emergency services continued to be operational.

“Currently, Vital Statistics (birth and death certificates) remains offline, and the City is unable to take utility or other payments. Until such time as normal operations resume, no late fees will be assessed, and no services will be shut off,” the city said earlier this week (PDF).

City of Keene was also affected, being unable to process utility payments.

In both cases, no customer credit card or other personal information appears to have been impacted by the incident.

While authorities have yet to reveal any details on the attackers’ demands, Keene Mayor Gary Heinrich revealed that the hackers were apparently asking for a collective ransom of $2.5 million to unlock the encrypted files, NPR reports.

Related: ‘Coordinated’ Ransomware Attack Hits 23 Towns in Texas

Related: Louisiana Schools Suffer Cyberattacks Ahead of Year’s Start

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...